Package: kfreebsd-5 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for kfreebsd-5. CVE-2007-6150[0]: | The "internal state tracking" code for the random and urandom devices | in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to | obtain portions of previously-accessed random values, which could be | leveraged to bypass protection mechanisms that rely on secrecy of | those values. If you fix this vulnerability please also include the CVE id in your changelog entry. A patch for this can be found on: http://security.freebsd.org/patches/SA-07:09/random.patch For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6150 Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
pgpYKFOjSNgV8.pgp
Description: PGP signature